Skip to main content
  • Home
  • Product Ideas
  • Cognite Data Fusion: Ability to prevent unscoped access to data in specified datasets.
Planned for development

Cognite Data Fusion: Ability to prevent unscoped access to data in specified datasets.

Related products:Authentication and Access Management
  • December 6, 2022
  • 8 replies
  • 160 views
S
Committed

As a data owner, I would like to prevent read access to data in a specific dataset for everyone outside explicitly specified groups. This is so that users or principals with non-scoped/”All” access do not accidentally get access to more sensitive data.

Example:

Dataset MyDataset exists and contains some sequence data we would like to restrict access to.

Group A has sequences:read (unscoped) capability.

Group B has sequences:read (scoped to MyDataset).

Today: both Group A and B can read the sequence data in MyDataset.

Desired: only Group B can read the sequence data in MyDataset.

8 replies

J
Practitioner

Hi Sverre,

Thank you for raising this and taking the time to provide a well written example.

The sequence:read capability will, as you experience, provide access to all sequences regardless of which data set the sequences are in.

To achieve what you need you can change Group A from having sequences:read (unscoped) capability, to have sequences:read (scoped to each data set - except MyDataset).

I recognize that this might not be ideal in the case where you want group A to have access to sequences in many data sets, and especially if you regularly add new data sets they should have access to. I have included your example for our future evolvement of the flexibility in our access control.

Best regards,
Jørgen Tennøe

S
Committed
  • Sverre Olsen
  • Author
  • Committed
  • 4 replies
  • December 7, 2022

Hi Jørgen,

thanks for getting back on this one. We appreciate the workaround you propose could do the job, but as you state, it is cumbersome and not future proof.

Cheers,

Sverre

 

Anita Hæhre
Seasoned Practitioner
Forum|alt.badge.img+1
  • Anita Hæhre
  • Head of Academy and Community
  • 590 replies
  • December 8, 2022
NewPlanned for development
Anita Hæhre
J
Practitioner

Thank your for this input Sverre,

I’m bringing this concrete case in for considerations for our access control design and plannings for the future.

Best regards,
Jørgen 

Sverre Fjerdingstad
Practitioner
Forum|alt.badge.img+3
Planned for developmentGathering Interest
Sverre | Cognite Academy
Sverre Fjerdingstad
Practitioner
Forum|alt.badge.img+3
Updated idea statusGathering InterestPlanned for development
Sverre | Cognite Academy
N
Practitioner
Forum|alt.badge.img

Would you be able to share the plan forward on this request ?

Marcela Young
MVP

@Sverre Fjerdingstad @Jørgen Tennøe - same question as user above - can we have an update?

Reply


Terms & ConditionsCookie Settings

Cookie Policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie Settings